Article I. product description Advanced Threat & Organization Monitoring (ATOM) is run over Microsoft products available from Microsoft Azure (Azure). KPCS CZ sro (hereinafter referred to as the contractor) provides reactive surveillance services, automated analysis of the monitored environment on the basis of a plan that the customer (hereinafter referred to as "the ordering party") orders and provides conclusions drawn from that aim to increase the safety and health of the environment, development of the ATOM service. Based on the selected plan, the contractor provides the services to the customer with the services specified in Article III.of this document. The ATOM service provides insight into logs from the client environment, and transfers these logs to the Azure environment, where they are retained according to the log preservation time set, as specified in the definition in Article III.of this document. By logged-in logo, the contractor means any system-level entry or application that records service status, event log, server performance record, or an application running on it. For the avoidance of doubt, the contractor states that he does not preview the databases or systems that are accessible under a different identity from the system identity. On each monitored device there is an agent consisting of programs that are required by the Azure platform and contractor company programs that supervise the client environment and take care of data transfers to the Azure environment. If the Customer orders the "Custom" Schedule described in Article V., then the above may be different depending on the need of the Customer, to the extent specified in a separate offer, which was prepared for the ordering by the contractor or by the definition described in Article V of this document. In other cases, the functionality does not differ and the service description remains as fully as it is documented in this document. Article II. Service components The Contractor provides, beyond the services available from Microsoft, the components described in this Article , the drawing of which is subject to the selection of the appropriate plan ordered by the Customer. Specification of services and features is provided in Article III.of this document. The above mentioned components are provided by the contractor in the configured form without necessity and modification by the customer. Thus, unless otherwise stated in the contract or offer, the customer has the sole access to viewing, searching, merging the data of which he is the sole owner. The Contractor has the authority to modify his own system, may add, edit, visualize, and activate or deactivate other services from the Microsoft product portfolio that are available on the Azure platform now or anytime in the future, but these services will not affect the ATOM's own cost. Neither the contractor nor the client has the right nor the right to alter the information already registered with ATOM and the Azure platform.Below is a list of features,deliver as part of the plan within 24 hours of the order if no unwarranted barriers to Microsoft's or Client's service start-up occur when it is not otherwise defined in the contract (for example, if the customer requests modifications that are unique to his own environment or when assistance is required to install agents that control the environment, etc.). If the services specified in Article V of this document are ordered , the time of the preparation of the environment is not declared, and this time remains dependent on the requirements of the client and will be negotiated before the start of its own deployment, in writing. The offer submitted to the Client and approved by the Client and the Contractor is also considered to be a written form . Table 1 : List of contractor components The contractor provides as part of ATOM the components available within the Azure platform as listed below. These services are activated as required by the contractor, which carries out identification of security events over components and prepares data visualization for the customer. If the Subscriber is required to activate other components not listed below, the Contractor has the right to move the Customer to the Custom Schedule, which also complies with the conditions set forth in Article V. of this document. Individual components of ATOM can also be accessed through other Azure components. These are, in particular, the following Azure-provided services: • Dashboards - https://docs.microsoft.com/en-us/azure/azure-portal/azure-portal-dashboards • Log Analytics - https://azure.microsoft.com/en-us/services/log-analytics/ • Azure Security Center - https://azure.microsoft.com/en-us/services/security-center/ • Application Insights - https://azure.microsoft.com/en-us/services/application-insights/ • Network Watcher - https://azure.microsoft.com/en-us/services/network-watcher/ • Monitor - https://azure.microsoft.com/en-us/services/monitor/ • Advisor - https://azure.microsoft.com/en-us/services/advisor/ COMPONENTS SHIPPED WITHIN AZURE COMPONENT DESCRIPTION PLAN FREE STANDARD PLAN PREMIUM PLAN Table 2 : List of Azure Provider Components Article III. ATOM services and features The ATOM service consists of the services described in the table below, which are available according to the ordered plan. If the Customer does not secure the device connection with the current version of the agent to ATOM, or the data will not be sent to ATOM due to Obstacles on the part of the Customer or Microsoft, then the Contractor can not guarantee the functionality and accuracy of these services. Table 3 : Services provided under ATOM ATOM has the following features, which may vary depending on the selected license plan specified in this Article, Article II, Article. IV. and Article V . Table 4 : Attributes provided within ATOM Article IV. License plans 1. The Contractor provides the license plans below, which are ordered by the Customer via an order through the website or by offering a service from the Contractor's representative. All of the plans below are created on the Azure platform and the contractor makes the ordering of the customer at Microsoft and enters into a contract between the customer and Microsoft, which is governed by the "Microsoft Cloud" agreement, which is listed on the website: - http://download.microsoft.com/download/2/C/8/2C8CAC17-FCE7-4F51-9556-4D77C7022DF5/MCA2017Agr_EMEA_EU-EFTA_CZE_Sep20172_CR.pdf 2. "Free" License Plan - this plan is provided without any guarantee from the contractor, always and exclusively in the contractor created by the Azure platform. This license plan is limited by the functionality and services that are provided as part of the drawdown of the plan, and the contractor is entitled to terminate the service at any time without giving any reason. The content of the plan is governed by Article II. and Article III. this document and the exception to the plan is not allowed. 3. "Standard" license plan - this plan is provided on the basis of an order, when purchasing the licenses in a 10-pack package is a prerequisite for the service. Each license allows you to connect just one device. The plan does not allow an assessment of the area of the client's environment. All service components in this plan are fully automated and do not include consultations or warnings provided by the contractor. The content of the plan is governed by Article II. and Article III. of this document and the exception to the plan does not allow it. 4. "Premium" license plan - this plan is provided on the basis of an order, when purchasing a license in a 10-pack package is a prerequisite for the service. Each license allows you to connect just one device. The plan focuses on assessing the area of the client's environment. Part of the service in this licensing plan is beyond automation, human work, and event notification provided by the contractor. Consultation of findings is not part of the plan but is available on request. This consultation is governed by the normal business conditions between the ordering party and the contractor. The content of the plan is governed by Article II. and Article III. of this document and the exception to the plan does not allow it. 5. "Komplet" license plan - this plan is provided on the basis of an order, when purchasing a license in a 10-pack package is a prerequisite for the service. Each license allows you to connect just one device. This plan is similar to the Premium plan, expanding it with other services such as Microsoft Premier Support and changing the provisions of Article III. of this document under "Support", which is modified to 24x7x365. Part of the service in this licensing plan is beyond automation, human work and event notifications provided by the contractor and Microsoft. Consultation of findings is not part of the plan but is available on request. This consultation is governed by the normal business conditions between the ordering party and the contractor. The content of the plan is governed by Article II. and Article III. of this document and the exception to the plan does not allow, except for the "Support" item that has been modified by this specification. 6. The Customer may, based on these conditions, connect devices located anywhere in the world, and the platform will always be created within the "West Europe" region as described by Microsoft. Information on location data within the "West Europe" region can be found at the following address: https://azure.microsoft.com/en-us/global-infrastructure/services/?regions=europe-west&products=all 7. The Contractor shall authorize the Client to undertake within the License: - Installing an agent on a device that matches the intended purpose of the service and / or - record the agent into the device's working memory, display and run it, and / or - Include an agent in backups of the device on the media used, where the agent is part of the backup device, if necessary. The contractor allows the upgrade of the plan to a higher version of the license plan without affecting the data already recorded on the platform. Moving from a higher plan to a lower one is conditional on the data being lost (by deleting) and recreating the customer environment in the already existing Azure environment. Upgrading to a higher plan is not charged, with the transition to a lower plan being governed by the normal business conditions of the contractor's company. Article V. Service changes based on customer requirements The contractor allows for the modification of the license plans on the basis of the customer's request, when the exact specification of the service is described in a separate offer, which includes these arrangements. If a request is made by the customer in a previously purchased or newly established plan, then the contractor guarantees that the following changes, which are not part of the defined price, will be allowed, but the assessment will be carried out individually. In these cases, the already existing plan will always be converted to the "Custom" plan, the options of which are specified below. The "Custom" plan allows you to customize the ATOM environment according to the needs of the customer and it is possible to ensure that the following features are used: - Deployment to the Azure environment - The ability to deploy ATOM to an existing and customer-operated Azure environment, the price being divided by the platform price charged to the customer under its existing Microsoft license and a predetermined amount by the contractor for ATOM services - Data storage extension - The length of data retention can be extended up to 730 days - Activation of other Azure components - The customer can request to connect and extend the existing service with other components available within Azure services and Azure platforms. - Developments based on customer requirements - Customer may ask for custom data visualization types or data collections to which they grant access (especially information from applications, databases, etc.) based on their needs. The contractor then prepares the data pump by which the contractor thinks the tools for extracting the data from the device, and builds their visualization, which he puts into the ATOM service. The content of these arrangements does not change with the other component. For this purpose, the built-in component and data pump are protected by copyright and are the property of the contractor. - Connect Active Network Elements - The Customer may, depending on their needs, request to connect their active network elements. These elements will be connected via an intermediary (a device that allows logging to a central location in the customer environment, the so-called "syslog server"), which will mediate the sending of data to the Azure platform. The responsibility for the operation of such equipment remains with the agreement between the customer and the contractor. The contractor allows the customer to draw services beyond the specified license plans, without changing the license plan to "Custom" mode. The services listed below can be obtained after consultation with the contractor, in the form of an offer and an order. - HealthCheck services that are not already part of the ATOM component - the customer may, if required, ask the contractor to activate a service to check the health of the application according to the current and valid contractor's offer, available upon request by the customer. In this case, a data pump will be deployed to collect information from the monitored device, requiring modification and assignment of the necessary credentials to enable the collection to be performed. After transferring data to the Azure platform, the contractor will visualize this data and deliver a pre-prepared report that evaluates the health of the service to the customer. The exact specification of this service is available on request from the contractor and no part of the service is part of the defined plans described in Article IV. of this document. - Connection of Microsoft Office365 services - The client may, if necessary, ask the contractor to connect Office365 already active services to ATOM for the purpose of collecting audit information from Sharepoint Online, Exchange Online, or Azure Active Directory. Linking these services requires an Office365 user account that has the right to collect and transfer auditing information from Office365 to ATOM. This service is not part of any of the licensing plans set out in Article IV. of this document and is available on request from the contractor. - Environmental probe - The customer may, if required, ask the contractor to activate a service to check for physical factors such as moisture, temperature, or other pointers that are available and connectable to the environmental probe. The exact specification of this probe is available on request from the contractor and no part of the probe is part of the defined plans as described in Article IV. of this document. - Consultation or resolution of problems beyond the scope of the service provided - The client may, if necessary, ask the contractor to provide a consultation or a solution to the identified finding. This consultation or solution is governed by the normal business terms and conditions between the customer and the contractor. This service is not part of any of the licensing plans set out in Article IV. of this document. - Extension of the service with additional notice - The customer may request the contractor to extend the ATOM notice , if required, only in a paid "Standard", "Premium" or "Complete" plan. This expansion will be judged individually according to the Azure platform. This extension is governed by normal business conditions between the ordering party and the contractor. All the services listed in this article may be used on request by the Customer by contacting the Contractor's Sales Representative or contacting the Helpdesk of the Contractor's Company at +420 733 702 864 or by email Article VI. Pricing and method of payment The following provisions specify how payment will be made for ATOM services and what are the conditions under which the payment by the contractor will be required by the customer. 1) The contractor has the right to ask the customer for a payment for connected monitored devices in a given month, based on the number of connected devices. If one device and another device are removed from the system at different times during one month, this is counted as one device and therefore only one license. If, however, overlapping of both connected devices occurs within one month, then the customer will be entitled to two withdrawn licenses in the month in which the overlap occurs. 2) The payment for ATOM services is made retrospectively according to the current drawdown of the services in the given month, based on the invoice issued by the Client, which is payable within 14 days from the invoice date. 3) The Customer has the right to claim the ATOM service whenever a defect is detected or if the service is unavailable. If this happens, an assessment of the event is always made by the contractor. However, the refund can not exceed the price paid by the customer in the given month. The calculation of the refund is governed by the following rules: a. If the percentage of operation in the month was less than 99.9%, then the Customer is entitled to a discount on the service provided up to 10% of the total monthly amount. b. If the percentage of operation in the month was less than 99%, then the Customer is entitled to a discount on the service provided up to 25% of the total monthly amount. Percentage of time worked was determined by the following formula: Month of Months in% = (total number of queues - delayed doses) / total number of queued 4) If the customer requests to use the option of linking the service to his / her Azure environment, the payment for the services provided will be governed by a contract between the customer and the contractor 5) The price for the services provided is always determined on the website of the provider https://www.atom.ms/atom 6) If the Customer requests that Azure data be retained on the termination of the contract, only the contractual part of the obligation between the Customer and the Contractor will be terminated, but the performance between the Customer and Microsoft will not be affected. The customer is thus obliged, through the Microsoft partner, to continue to pay for Azure. 7) The Customer can not claim damages or lost profits as a result of misuse of the ATOM or Azure platform or a system failure due to installation on the Customer's premises in the performance of the transaction. The contractor reminds the client that proper deployment should take place first in a test environment that impresses the production environment, and after proper testing, deployment to the production environment can be made. Deploying ATOM is always done under the responsibility of the customer, not the contractor. 8) The ATOM service price includes the applicable license fee for licensed licenses 9) If the price is not set by the contractor's respective offer, then the price is governed by the price stated on the Contractor's website, specifically at https://www.atom.ms/atom 8. Article VII. Obligations of the Client The Client is obliged to pass unexpected events that could affect the ATOM service and performance by the Contractor. The Customer is therefore obliged to ensure: - Report system shutdowns that are subject to regular ATOM supervision. - Do not exceed the license limit without prior consultation with the contractor. If the Customer exceeds the limit, the Contractor is entitled to charge the Customer for the month in which the limit has been exceeded without prior notice. - Providing synergies in addressing the identified problem in ATOM service functionality or failure to collect information from monitored devices. - Ensure the installation, reinstallation or updating of data pumps and agents on all monitored devices by self-help, or the customer may request consultations or troubleshooting beyond the scope of the service provided in Article V of this document. - Perform manual installation of data pumps and agents on all monitored devices based on the Linux platform, based on documentation provided by Microsoft. - When new devices are connected to ATOM, the latest version of the agent from the service provider's site must always be downloaded and installed. - Install agents to collect telemetry data from web servers, or customize the page source code, provided the client wants to use application analysis services built on the Application Insights component of the Azure platform. - To inform the public and its users that there is a continuous monitoring and evaluation of the logs at the monitored facilities from which conclusions are drawn for the identification of possible security incidents. - In case of termination of the service, the customer is obliged to uninstall the agents and delete the data pump from the device from the following locations of the monitored device: o Uninstalling the Microsoft Monitoring Agent o Dependency Agent Uninstall o Deleting scheduled tasks in a branch named ATOM o Delete files from the C: \ Program Files \ ATOM directory o Deleting registration keys from HKEY_LOCAL_MACHINE \ SOFTWARE \ ATOM o Delete an event log in the Application and Services Logs \ ATOMHealth path - Fulfill all the assumptions described here https://www.atom.ms/atom/blog/predpoklady-pro-provoz-a-pripojeni-sluzby-atom.html . - Inform the contractor, at the latest on the date of sending the termination request, that he / she wants to keep the data on the Azure platform under the conditions set out in Article VI. of this document. - If the client wants to use WebProbe services described in Article II. of this document, he / she is required to notify the URL of the pages to be attached to the ATOM service without being invited by the contractor. Article VIII. Definition of position in relation to Regulation 679/2016 and Act No. 101/2000 Coll. The contractor does not preview the databases or applications that may contain confidential privacy information, except information about the user's access to the system or about the IP addresses, MAC addresses from which the system was accessed, or information about the websites visited. The Contractor may only acquaint himself with personal data provided that the Customer has requested the "Custom" Schedule specified in Article V or the HealthCheck service specified in Article V.of this document. In other cases, the Contractor shall be deemed to be a "Third Party" as specified in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Regulation on the protection of personal data). For this reason, the contractor below sets out the conditions of confidentiality in relation to the facts ascertained by the ATOM service delivery obligations. If there is a separate contract of confidentiality or a processing agreement between the contractor and the client, then it is the parent. 1. Within the meaning of the General Regulation on the protection of personal data, the Parties are considered to be separate administrators against data subjects and against third parties in respect of the definitions provided in Article 4 of the General Regulation on Personal Data Protection. 2. The Contracting Parties are obliged to inform the data subject, under the terms of the General Regulation on the protection of personal data, of the transmission of personal data to the other party, in particular when transmitting contact information to employees or partners of the parties. 3. Employees of the Contracting Parties or other natural persons processing personal data under a contract with the controller and other persons who, in the course of the fulfillment of the statutory rights and obligations, come into contact with the personal data of the administrator shall be obliged to maintain the confidentiality of the personal data and security measures whose disclosure would jeopardize the security of personal data. 4. Each Contracting Party shall take appropriate measures, taking into account the context of the processing carried out and the personal data processed by the Contracting Party, according to the determined risk of the processing being carried out. For the sake of clarity, it is stipulated that neither Contracting Party is responsible for the other Party at the level of the measures taken and therefore it is for each of the Contracting Parties to ensure the continued protection by appropriate technical or organizational measures against unauthorized or unlawful processing and against accidental loss, damage. 5. Each Contracting Party shall not perform the systematic processing of personal data and the transfer of personal data outside the IT of the Party that is the controller of the personal data concerned and shall not manipulate the personal data of persons other than the employees of the Contracting Parties and always with those data are absolutely necessary for the operation. 6. For the purpose of clarifying the doubts, the Parties agree that this point is without prejudice to the random collection of personal data necessary for the performance of the subject matter of the contract, since such random collection is not bound by the terms of the General Regulation on the protection of personal data. 7. In the event of a situation requiring systematic processing of personal data by data subjects other than those of the Parties, the relationship between the Parties shall be adapted to the processing relationship and an appropriate contract for the processing of the personal data of the data subjects shall be concluded. 8. If the data subjects' personal data should be processed in a systematic manner, the parties are obliged to inform the other party immediately, however, at the earliest prior to the commencement of the processing. 9. Personal data with which the parties come into contact shall be used only for the purpose of performance of the contract and will not be used for any other processing purposes without the prior consent of the other party. 10. When the contract is terminated, each of the Parties shall ensure the immediate deletion of personal data concerning the data subjects of the other Party, except for the data subjects directly involved in the performance of the contract. These persons will be retained in the systems according to the valid version of the "Privacy Policy" or the "Memorandum of Understanding", which each of the parties is publicly accessible. The contractor representing Microsoft is claiming Microsoft to become a personal data processor with respect to the personal data manager, the customer's company. For the sake of clarification, the Contractor states that he is not responsible for Microsoft's handling of the Personal Information Manager, and states that Microsoft should follow Microsoft's privacy statement, which can be found here https://privacy.microsoft.com / cs-en / privacystatement If necessary with regard to the protection of the privacy of individuals or in the context of a breach of security, the Customer may contact the contact email address where his request will be answered and any questions answered. Article IX. Protection of the copyright work according to Act No. 121/2000 Coll. The program product is copyrighted to the contractor ( Article II, Table 1 of this document) copyrighted work in accordance with the relevant provisions of Act No. 121/2000 Coll. (Copyright). The platform on which the service is running is subject to the copyright protection of the company Microsoft, including the components specified in Article II. Table 2 of this document. The Licensee is entitled to use ATOM only in the extent of the license granted and is not entitled to use it except as provided by the License Terms, in particular not entitled to: - Reproduce, translate, process, modify, or otherwise modify service parameters. - Use the service to benefit a third party, in particular to use it for processing data for any third party as part of the provision of services, whether in return for payment or free of charge. - Grant a license that is part of the license, in whole or in part, permanently or temporarily, in return for payment or free of charge, to a third party. - While accessing, in particular, distributing, renting, lending or otherwise transmitting ATOMs, in particular, disseminating, distributing, renting, or otherwise transmitting the service to ATOM, or otherwise allowing the third party to use the service in any way. - Remove or modify the license numbers or any other data contained therein. - Copy source codes. The licensee is required to allow KPCS CZ to control the use of the license, even repeatedly. The terms of the inspections will be notified to the transferee in writing or electronically at least 7 days in advance. All the subjects of copyright protection of the contractor's author ( Article II, Table 1 of this document) shall be permanently removed by the Client in the event of the termination of the contract and the request for the preservation of the Azure platform. Article X. Changes in terms of use ATOM is provided over Azure's resources and products available from Microsoft. ATOM uses these products as an integral part without which ATOM can not be provided and for this reason the supplier reserves the right to change the service at any time in accordance with the terms and conditions set forth in the contract, offer or in the framework of the addendum to the contract with the customer. Once the changes have been published and before changes are effective, the Customer may respond to the change by accepting the changes made by the Contractor or withdrawing from the Contract within 14 days from the date of delivery of the written withdrawal, provided that he is not in the offer or otherwise specified in the contract. The Contractor reserves the right to alter these Terms of Use without the prior consent of the Customer, always on the basis of facts that may affect the price at which the Service is provided, or in a situation where a major change is made by the Platform Provider to Microsoft. This change will be communicated to the customer before the new terms of use of the service come into force so that it is always possible for the customer to react without a direct impact on the price change for the services provided. The Contractor declares that he considers the following to be a major change: - An unexpected change in services or services from Microsoft and / or - the cancellation of some or all of the services by Microsoft and / or - extension of the contractor's own service to components that require a change in the price of the service, for example due to the higher volume of recorded data and / or - Microsoft's price change - force majeure. Article XI. Final Provisions Applicable law: The relationship between the Client and the Contractor shall be governed and construed in accordance with the laws of the Czech Republic. Dispute Resolution: The Customer and the Contractor shall attempt to resolve any dispute arising out of this Agreement by mutual agreement. Any such dispute, which can not be settled by agreement, will be finally settled in the court proceedings locally and in fact by the competent court of the contractor. It is based on Czech courts. Announcement: All notifications, consents, and other communications must be made in writing and delivered personally or through a courier with pre-paid fees or post or e-mail with an electronic signature. In the case of communications relating to the change or termination of the contract, this must be sent by registered letter by post. Notices addressed to the contractor will be sent to the following addresses or e-mail addresses (or to other addresses specified by the contractor in the notice to the other party): - KPCS CZ sro, Kubánské náměstí 1391/11, 100 00 Prague 10 Vršovice Credit of receivables. The Client is not entitled to set off unilaterally any of his claims against the claims of the Contractor arising from this Contract or to claim against the Contractor a right of retention. The Client is entitled to assign or transfer the rights and obligations of this Agreement to a third party only with the prior written consent of the Contractor. Separability . The non-enforceability or invalidity of any article, paragraph, clause, clause or provision of these terms or the contract of which it forms part shall not affect the enforceability or validity of the remaining parts. In the event that any such article, paragraph, clause, sentence or provision becomes or becomes invalid for any reason (including, in particular, non-compliance with applicable law provisions), the Contracting Parties shall act together and agree on a legally acceptable way of achieving the business objectives contained in in such an invalid article, paragraph, paragraph, sentence, or provision.